Help

macos security compliance through jamf

Go to solution
jalhathanaya
New Contributor II

Posted on ‎10-16-2023 08:34 AM

Hello Jamf Nation,

 

I am trying to implement the nist macos security compliance project into our organization devices, https://github.com/usnistgov/macos_security .  

I have read through the wiki and it keeps saying in each page that: 

We recommend working off of one of the OS branches, rather than the main branch

 

I am wondering how can i generate the script and configuration profiles and put them in jamf while we have different mac os versions, i.e. ventura, monterey, sonama.

 

I hope i am expressing my self clear. Please any guidance on that? 

 

Thank you,

 

0 Kudos
1 ACCEPTED SOLUTION

Go to solution
Hugonaut
Valued Contributor II

Posted on ‎10-16-2023 08:44 AM

@jalhathanaya 

Jamf has worked with the NIST git & created this tool - https://trusted.jamf.com/docs/establishing-compliance-baselines

 

You can download the tool, select the compliance level regarding cis/nist/etc & then upload the scripts, configs, etc, directly to your jamf pro server from the jamf compliance editor application.

________________
Looking for a Jamf Managed Service Provider? Look no further than Rocketman
________________


Virtual MacAdmins Monthly Meetup - First Friday, Every Month

View solution in original post

3 REPLIES 3

Go to solution
Hugonaut
Valued Contributor II

Posted on ‎10-16-2023 08:44 AM

@jalhathanaya 

Jamf has worked with the NIST git & created this tool - https://trusted.jamf.com/docs/establishing-compliance-baselines

 

You can download the tool, select the compliance level regarding cis/nist/etc & then upload the scripts, configs, etc, directly to your jamf pro server from the jamf compliance editor application.

________________
Looking for a Jamf Managed Service Provider? Look no further than Rocketman
________________


Virtual MacAdmins Monthly Meetup - First Friday, Every Month

Go to solution
Tonyyoung
New Contributor III
In response to Hugonaut

Posted on ‎10-16-2023 01:44 PM

Seconding @Hugonaut here.
The Jamf Compliance Editor tool is your best friend in this situation. You can build your projects per OS, and the application can upload everything to Jamf on your behalf. It's a great time saver.

Go to solution
jalhathanaya
New Contributor II
In response to Tonyyoung

Posted on ‎10-17-2023 03:25 AM

so i can build the same project for sonoma, monterey and ventura? 

0 Kudos